ISTI-ansible-roles
/
ansible-role-linux-firewall
5
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Also fix the defaults.

This commit is contained in:
Andrea Dell'Amico 2020-11-30 16:29:57 +01:00
parent 4a9391492b
commit c312ea379b
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
defaults/main.yml
View File

@ -16,7 +16,7 @@ iptables_generic_rules_default_policy: 'REJECT --reject-with icmp-host-prohibite
ganglia_enabled: False ganglia_enabled: False
nagios_enabled: False nagios_enabled: False
iptables_open_all_to_isti_nets: False iptables_open_all_to_isti_nets: False
tomcat_cluster_enabled: False jgroups_cluster_enabled: False
# Another variable needs to be defined before the db rules are set # Another variable needs to be defined before the db rules are set
psql_firewall_enabled: True psql_firewall_enabled: True
mysql_firewall_enabled: True mysql_firewall_enabled: True

2
templates/iptables-rules.v4.j2
View File

@ -262,7 +262,7 @@
{% endif %} {% endif %}
{% endif %} {% endif %}
{% if jgroups_cluster_enabled %} {% if jgroups_cluster_enabled %}
# tomcat cluster # tomcat/jboss/wildfly cluster
-A INPUT -m pkttype --pkt-type multicast -d {{ jgroups_multicast_addr }} -j ACCEPT -A INPUT -m pkttype --pkt-type multicast -d {{ jgroups_multicast_addr }} -j ACCEPT
-A INPUT -m state --state NEW -p tcp -m tcp --dport {{ jgroups_multicast_port }} -j ACCEPT -A INPUT -m state --state NEW -p tcp -m tcp --dport {{ jgroups_multicast_port }} -j ACCEPT
{% if hybernate_multicast_net is defined %} {% if hybernate_multicast_net is defined %}